CS459/559 - Network Security - Chapter 10: Remote Access

1. Remote Access Security Considerations - needs to be addressed by security policy (bypassing firewalls)
   • SLIP
   • PPP
   • RAS
2. Remote Control ( uses proprietary asynchronous connection protocols - pcANYWHERE, Carbon Copy) - needs to be addressed by security policy
   • Login name and connection
   • Password
   • Access Privileges
   • Callback & roving callback
   • Host confirmation
   • Blank host screen
   • Disable host keyboard & mouse
   • Data encryption
   • Start before logon
   • Reboot on disconnect
3. Remote Access Software (uses PPP &/or SLIP) only difference from a network connection is the Physical and Data-Link Layers
   • NT RAS
     • Encryption
     • Integrated Domain Security
     • Intermediate Security Hosts
     • Callback Security
     • Audit Trails
     • Point-To-Point Tunneling Protocol (PPTP)
     • Login Security
   • Lantronix's Remote Access Server (router with packet filtering)
     • Password Authentication Protocol (PAP)
     • Challenge Handshake Authentication Protocol (CHAP)
     • Remote Authentication Dial-In User Service (RADIUS)
     • Kerberos
     • SecurID security
     • Callback security
   • Microcom's LANexpress (includes SNMP management software)
   • Audit trail should show all activity